Method, device and system for backup

ABSTRACT

A method, a device, and a system for backup are disclosed. The method includes: receiving a backup packet; analyzing the backup packet to obtain a serial number of an active data packet, where the serial number is carried in the backup packet; calculating a sum of the serial number of the active data packet and a specific increment value to obtain a serial number of a standby data packet; and backing up the serial number of the standby data packet. Therefore, after the service is switched over from the active device to the standby device, the active device still regards the data packet sent by the former standby device as a new data packet and receives the data packet, which prevents service interruption caused by the switchover and improves continuity of service processing in the process of two-node cluster hot backup.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of International ApplicationPCT/CN2010/079159, filed on Nov. 26, 2010, which claims priority toChinese Patent Application No. 200910247173.2, filed on Nov. 26, 2009,which is hereby incorporated by reference in its entirety.

FIELD OF THE INVENTION

The present invention relates to network security technologies, and inparticular, to a method, a device, and a system for backup.

BACKGROUND OF THE INVENTION

In a traditional networking mode, the service is interrupted once a linkis cut. The interruption of certain important services such as telecomservice and bank service brings huge negative impact and economic loss.To avoid such consequences, redundant devices are networked to ensurethat the standby device takes over services automatically in the case offailure of the active device, which ensures continuity of the servicesand is known as two-node cluster hot backup.

When enterprises or persons distributed in different areas communicatethrough the Internet, the communication needs to traverse unknownnetworks because the communication parties are located in differentgeographic regions, which leads to uncertainty of data security on theInternet. The IP Security (IPSec) protocol enables enterprises and usersin different geographical regions to set up and manage Virtual PrivateNetwork (VPNs), and authenticates and encrypts transmitted data packetsto prevent the data from being illegally viewed or altered when the datais transmitted in the Intranet or the Internet.

In the conventional two-node hot backup mode, the active device sendsinformation as backup files to the standby device at intervals. When theactive device fails, certain information generated after the last backup(such as serial number of the data) is lost. Consequently, afterswitchover to the standby device, the data packets sent by the formerstandby device are mistakenly regarded as old packets and are discarded,which leads to interruption of certain services such as IPSec VPNservices.

SUMMARY OF THE INVENTION

An embodiment of the present invention provides a method, a device, anda system for backup to improve continuity of service processing intwo-node hot backup.

An embodiment of the present invention provides a backup method,including:

receiving a packet to be backed-up;

obtaining a serial number of data packet from an active device byanalyzing the packet, wherein the serial number is carried in thepacket;

obtaining a serial number of a data packet from a standby device bycalculating the serial number of the data packet from the active deviceand a specific increment value;

determining that an increment of the serial number of the data packetfrom the active device exceeds a first increment threshold; and

backing up the serial number of the data packet from the standby deviceupon the determination.

An embodiment of the present invention provides a backup method,including:

obtaining a serial number of data packet from an active device;

obtaining a serial number of data packet from a standby device bycalculating a sum of the serial number of the data packet from theactive device and a specific increment value;

packaging the serial number of the data packet from the standby deviceinto a packet to be backed-up; and

sending the packet to be backed-up.

An embodiment of the present invention provides a backup device,including:

a first receiving module, configured to receive a backup packet;

a first receiving module, configured to receive a packet to bebacked-up;

a first analyzing module, configured to obtain a serial number of datapacket from an active device by analyzing the packet, wherein the serialnumber is carried in the packet;

a first summing module, configured to obtain a serial number of a datapacket from a standby device by calculating the serial number of thedata packet from the active device and a specific increment value; and

a first backup module, configured to determine that an increment of theserial number of the data packet from the active device exceeds a firstincrement threshold and back up the serial number of the data packetfrom the standby device upon the determination.

An embodiment of the present invention provides another backup device,including:

a first obtaining module, configured to obtain a serial number of datapacket from an active device t;

a second summing module, configured to obtain a serial number of datapacket from a standby device by calculating a sum of the serial numberof the data packet from the active device and a specific incrementvalue;

a first packaging module, configured to package the serial number of thedata packet from the standby device into a packet to be backed-up; and

a first sending module, configure to send the packet to be backed-up.

An embodiment of the present invention provides a backup system thatincludes the foregoing backup device.

Through the method, the device and the system for backup in theembodiments of the present invention, the active device or the standbydevice pre-increases the serial number of the data packet from theactive device when backing up the serial number, and therefore, afterthe service is switched over from the active device to the standbydevice, the active device still regards the data packet sent by theformer standby device as a new data packet and receives the data packet,which prevents service interruption caused by the switchover andimproves continuity of service processing in the process of two-nodecluster hot backup.

BRIEF DESCRIPTION OF THE DRAWINGS

To make the technical solution of the present invention clearer, theaccompanying drawings involved in description of the embodiments of thepresent invention are outlined below. Evidently, the accompanyingdrawings outlined below are not exhaustive, and those skilled in the artcan derive other drawings from them without any creative effort.

FIG. 1 is schematic diagram of a backup method according to anembodiment of the present invention;

FIG. 2 is schematic diagram of another backup method according to anembodiment of the present invention;

FIG. 3 is schematic diagram of another backup method according to anembodiment of the present invention;

FIG. 4 is schematic diagram of another backup method according to anembodiment of the present invention;

FIG. 5 is schematic diagram of another backup method according to anembodiment of the present invention;

FIG. 6 is schematic diagram of a backup device according to anembodiment of the present invention;

FIG. 7 is schematic diagram of another backup device according to anembodiment of the present invention; and

FIG. 8 is schematic diagram of a backup system according to anembodiment of the present invention.

DETAILED DESCRIPTION OF THE EMBODIMENTS

The following detailed description is given in conjunction with theaccompanying drawings to provide a thorough understanding of the presentinvention. Evidently, the drawings and the detailed description aremerely representative of particular embodiments of the present inventionrather than all embodiments. All other embodiments, which can be derivedby those skilled in the art from the embodiments given herein withoutany creative effort, shall fall within the protection scope of thepresent invention.

FIG. 1 is schematic diagram of a backup method according to anembodiment of the present invention. The method in this embodimentincludes the following steps:

Step 101: Receive a packet to be backed-up.

Step 102: Obtain a serial number of data packet from an active device byanalyzing the packet, wherein the serial number is carried in the packet

Step 103: Obtain a serial number of a data packet from a standby deviceby calculating the serial number of the data packet from the activedevice and a specific increment value.

Step 104: Determine that an increment of the serial number of the datapacket from the active device exceeds a first increment threshold

Step 105: Back up the serial number of the data packet from the standbydevice upon the determination.

The entity for performing steps of this embodiment may be a standbydevice engaged in an information backup process, and may be a router.

In the process of developing the present invention, the inventor findsthat the two-node cluster hot backup in the prior art is a process ofcopying the data of the active device to the standby device atintervals. Consequently, when the active device fails, the informationgenerated from the last backup to the occurrence of the failure is notbacked up on the standby device, and the former standby device does notwork properly after the service is switched over from the active deviceto the standby device. For example, when an IPsec VPN service is inprogress, it is set that the data packets from the active device arebacked up every time when the serial number of the data packet from theactive device increases by 1000. Assume the following scenario: Theactive device sends the serial number 1000 of the data packet from theactive device as backup to the standby device, and then goes oncommunicating with the peer device; the active device breaks downabruptly when the serial number of the data packet from the activedevice increases to 1200. At this time, the serial number of the datapacket from the standby device is still 1000, and the standby devicethat takes over the service sends the data packet at 1000. However, uponreceiving the data packet numbered 1000, the peer device regards thedata packet as having received, and discards it. Consequently, the VPNservice is faulty. The inventor of the present invention furtherdiscovers that: In the real-time backup, every change of the serialnumber of the data packet from the active device is backed up to thestandby device, and a packet to be backed-up needs to be sent whenever adata packet is sent, which leads to very great signaling overhead.Moreover, in practice, a certain update delay exists, and the backup maystill be delayed. Therefore, the inventor of the present invention putsforward the following embodiment of the present invention.

After receiving the packet to be backed-up sent by the active device,the standby device analyzes the packet to be backed-up to obtain theserial number of the data packet from the active device, which is theserial number of the data packet from the active device at the time ofbacking up. Considering that active/standby switchover may occur in thefuture, the active device and the standby device pre-increase the serialnumber at the time of backing up the serial number. The specificincrement Δ should be greater than the serial number difference betweentwo backups, namely, a first increment threshold.

For example, Δ may be set to 2-4 multiplied by the first incrementthreshold. In this way, even if the backup fails for 1-3 times, theserial number of the data packet from the standby device is stillgreater than that of the peer device after the service is switched overfrom the active device to the standby device. The standby device backsup the increased serial number of the data packet. The data packetserial number backed up in the standby device is the serial number ofthe standby data packet. As described above, the serial number of thestandby data packet is the sum of the serial number of the data packetfrom the active device and the increment. When the active device failsand the standby device takes over the service, after the active devicereceives the data packet sent by the former standby device, although theserial numbers of the data packets are not continuous, the active devicestill regards and processes the received data packet as a new datapacket so long as the serial number of the data packet is greater thanthe data packet serial number stored in the active device, andtherefore, the service goes on normally.

For example, as regards backup of the serial number of tunnels, for theactive device, when the serial number of the tunnel of the active devicereaches the first increment threshold, the serial number backup istriggered. The trigger condition may be set as condition (1):

Seq_num_active % N=1  (1)

In condition (1):

Seq_num_active is an outbound serial number of the tunnel of the activedevice at the time of triggering backup; and

N is a preset fixed value. A smaller value of N refers to a higherfrequency of backup; conversely, a higher value of N refers to a lowerfrequency of backup.

After receiving the packet to be backed-up, the standby devicepre-increases the serial number of the corresponding tunnel of thestandby device according to the serial number of the active device. Forexample, the serial number is set as:

Seq_num_standby>Seq_num_active  (2)

Seq_num_standby−(Seq_num_active−1)=N×K  (3)

Seq_num_standby % N=0  (4)

where

Seq_num_standby is an outbound serial number of the corresponding tunnelof the standby device; and

K is a selected integer value and 2≦K≦4 preferably.

In this embodiment, the Seq_num_standby value is pre-increased accordingto the Seq_num_active value in the packet to be backed-up. Therefore,after the service is switched over from the active device to the standbydevice, the serial number of the packet sent by the new active devicealways falls within the sliding window of the active device so long asthe pre-increase value is proper, regardless of backup time or backupdelay. The active device does not regard the packet as a replayedpacket.

Through the backup method in this embodiment, the serial number of thedata packet from the active device is pre-increased when being backedup, and therefore, after the service is switched over from the activedevice to the standby device, the active device still regards the datapacket sent by the former standby device as a new data packet andreceives the data packet, which prevents service interruption caused bythe switchover and improves continuity of service processing in theprocess of two-node cluster hot backup.

FIG. 2 is schematic diagram of another backup method according to anembodiment of the present invention. The method in this embodimentincludes the following steps:

Step 201: Receive a packet to be backed-up.

Step 202: Obtain a serial number of data packet from an active device byanalyzing the packet, wherein the serial number is carried in thepacket.

Step 203: Obtain a serial number of a data packet from a standby deviceby calculating the serial number of the data packet from the activedevice and a specific increment value.

Step 204: Determine that an increment of the serial number of the datapacket from the active device exceeds a first increment threshold.

Step 205: Back up the serial number of the data packet from the standbydevice upon the determination.

Step 206: Obtain configuration command carried in the packet to bebacked-up by analyzing the packet to be backed-up, and performconfiguration according to the configuration command; and/or Step 207:Obtain tunnel information carried in the packet to be backed-up byanalyzing the packet to be backed-up, and reconstruct the tunnelcorresponding to the tunnel information according to the tunnelinformation.

The entity for performing steps of this embodiment may be a standbydevice engaged in an information backup process, and may be a router.

This embodiment differs from the previous embodiment in that: after thedata packet serial number is backed up, the configuration command andthe tunnel information are backed up. Such backup is generally triggeredby a specific event, for example, after two-node cluster hot backup isconfigured between two devices, after the device is restarted, or afterthe active device and the standby device are determined initiallythrough negotiation; or the backup is triggered by the user. In suchscenarios, complete data needs to be backed up at a single attempt.

The active device needs to sends the configuration information as backupto the standby device as triggered by user or by one of the followingevents: the active device finishes configuring a two-node cluster hotbackup command, the device is restarted, and the active device and thestandby device are determined initially through negotiation. If thestandby device lacks such configuration information, the former standbydevice is unable to restore the state of the former active device afterthe service is switched from the active device to the standby device,which leads to service interruption. In this embodiment, the process ofbacking up the configuration information is: The active device sends tothe standby device the configuration command that is generated and readyfor being backed up; and the standby device receives the backup packetthat carries the configuration information, analyzes the backup packet,generates the same configuration command, and configures itself. In thisembodiment, the trigger mode may be: The user triggers batch backup ofpackets manually. The active device needs to sends the tunnelinformation as backup to the standby device as triggered by user or byone of the following events: the active device finishes configuring atwo-node cluster hot backup command, the device is restarted, and theactive device and the standby device are determined initially throughnegotiation. If the standby device lacks such tunnel information, theformer standby device is unable to restore the established tunnel afterthe service is switched from the active device to the standby device,which leads to service interruption. In this embodiment, the process ofbacking up the tunnel information is: The active device sends the tunnelinformation to the standby device; and the standby device receives thepacket to be backed-up that carries the tunnel information, analyzes thebackup packet, and reconstructs tunnels.

The method for backing up the data packet serial number in thisembodiment is the same as that of the previous embodiment, and is notrepeated here any further.

Through the backup method in this embodiment, the serial number of thedata packet from the active device is pre-increased when being backedup, and therefore, after the service is switched over from the activedevice to the standby device, the active device still regards the datapacket sent by the former standby device as a new data packet andreceives the data packet, which prevents service interruption caused bythe switchover. Besides, more data is backed up, and therefore, thecomplete data is backed up upon occurrence of an exceptional event, andthe continuity of service processing is improved in the process oftwo-node cluster hot backup.

FIG. 3 is schematic diagram of another backup method according to anembodiment of the present invention. The method in this embodimentincludes the following steps:

Step 301: Receive a packet to be backed-up.

Step 302: Obtain a serial number of data packet from an active device byanalyzing the packet, wherein the serial number is carried in the packet

Step 303: Obtain a serial number of a data packet from a standby deviceby calculating the serial number of the data packet from the activedevice and a specific increment value.

Step 304: Determine that an increment of the serial number of the datapacket from the active device exceeds a first increment threshold.

Step 305: Back up the serial number of the data packet from the standbydevice upon the determination.

Step 306: Obtain the configuration command carried in the packet to bebacked-up by analyzing the packet to be backed-up, and performconfiguration according to the configuration command; and/or step 307:Obtain tunnel information carried in the packet to be backed-up byanalyzing the packet to be backed-up, and reconstruct the tunnelcorresponding to the tunnel information according to the tunnelinformation; and/or step 308: Obtain a tunnel deletion notificationcarried in the packet to be backed-up by analyzing the packet to bebacked-up, and delete the tunnel corresponding to the tunnel deletionnotification according to the tunnel deletion notification; and/or step309: Obtain a Dead Point Detection (DPD) serial number carried in thepacket to be backed-up by analyzing the packet to be backed-up, and backup the DPD serial number; and/or step 310: Obtain a packet ID carried inthe packet to be backed-up by analyzing the packet to be backed-up, andback up the packet ID.

The entity for performing steps of this embodiment may be a standbydevice engaged in an information backup process, and may be a router.

This embodiment differs from the embodiment shown in FIG. 1 in that:Upon change of the configuration command, tunnel information, tunneldeletion notification, packet ID, or DPD serial number of the activedevice, the active device backs up the change information automatically,and sends a packet to be backed-up to the standby device. Afterreceiving the packet to be backed-up, the standby device analyzes thepacket, and backs up the corresponding information. The backup mode maybe batch backup, real-time, or periodical backup. Generally, real-timebackup occurs immediately as triggered, and periodical backup occurs astriggered when certain conditions are met. Periodical backup is suitablefor the state data that does not impact the service stability seriouslyor the state data not sensitive to real-time, because that improvesbackup efficiency while meeting the service requirement. Upon change ofthe configuration command of the active device, the active device needsto send the configuration information as backup to the standby device.If the standby device lacks such configuration information, the formerstandby device is unable to restore the state of the former activedevice after the service is switched from the active device to thestandby device, which leads to service interruption. In this embodiment,the process of backing up the configuration information is: The activedevice sends to the standby device the configuration command that isgenerated and ready for being backed up; and the standby device receivesthe packet to be backed-up that carries the configuration information,analyzes the packet, generates the same configuration command, andconfigures itself.

Once the active device creates a new tunnel, the active device needs tosend the tunnel information as backup to the standby device. If thestandby device lacks such tunnel information, the former standby deviceis unable to restore the new tunnel after the service is switched fromthe active device to the standby device, which leads to serviceinterruption. In this embodiment, the process of backing up the tunnelinformation is: The active device sends the tunnel information to thestandby device; and the standby device receives the backup packet thatcarries the tunnel information, analyzes the packet to be backed-up, andreconstructs the new tunnel.

Once the active device deletes a tunnel, the active device needs to senda tunnel deletion notification as backup to the standby device. If thestandby device lacks such tunnel deletion notification, the formerstandby device still keeps the deleted tunnel after the service isswitched from the active device to the standby device. In thisembodiment, the process of backing up the tunnel information is: Theactive device sends the tunnel deletion notification to the standbydevice; and the standby device receives the packet to be backed-up thatcarries the tunnel deletion notification, analyzes the packet, anddeletes the corresponding tunnel.

Once the active device updates a DPD serial number, the active deviceneeds to send the DPD serial number as backup to the standby device. Inthis embodiment, the process of backing up the DPD serial number is: Theactive device sends the DPD serial number to the standby device; and thestandby device receives the packet to be backed-up that carries the DPDserial number, analyzes the packet, finds the corresponding tunnelaccording to the tunnel ID in the packet, and modifies the existing DPDserial number of the tunnel according to the received DPD serial number.

Once the active device updates a packet ID serial number, the activedevice needs to send the packet ID serial number as backup to thestandby device. In this embodiment, the process of backing up the packetID serial number is: The active device sends the packet ID serial numberto the standby device; and the standby device receives the packet to bebacked-up that carries the packet ID serial number, analyzes the packet,finds the corresponding tunnel according to the tunnel ID in the packet,and modifies the existing packet ID serial number according to thereceived packet ID serial number. When modifying the packet ID serialnumber, the standby device simply modifies it to a value that is thesame as the packet ID serial number of the active device.

Through the backup method in this embodiment, the serial number of theactive data packet is pre-increased when being backed up, and therefore,after the service is switched over from the active device to the standbydevice, the active device still regards the data packet sent by theformer standby device as a new data packet and receives the data packet,which prevents service interruption caused by the switchover. In thisembodiment, a trigger condition is added, and therefore, the backup isperformed proactively upon change of the active device information,which reduces the probability of error occurrence and serviceinterruption and improves the continuity of service processing in theprocess of two-node cluster hot backup.

FIG. 4 is schematic diagram of another backup method according to anembodiment of the present invention. The method in this embodimentincludes the following steps:

Step 401: Obtain a serial number of data packet from an active device.

Step 402: Obtain a serial number of data packet from a standby device bycalculating a sum of the serial number of the data packet from theactive device and a specific increment value.

Step 403: Package the serial number of the data packet from the standbydevice into a packet to be backed-up.

Step 404: Send the packet to be backed-up.

The entity for performing steps of this embodiment may be an activedevice engaged in an information backup process, and may be a router.This embodiment differs from the embodiment shown in FIG. 1 in that theactive device pre-increases the serial number of the data packet fromthe active device. The active device sends the pre-increased serialnumber of the standby data packet to the standby device, and the standbydevice backs up the serial number of the standby data packet locally.

The method in this embodiment may further include the following steps:

Step 405: Determine that an increment of the serial number of the datapacket from the active device after the previous backup operationexceeds a first increment threshold; or

Step 406: Determine that a period time after the previous backupoperation exceeds a first time threshold.

For example, the first time threshold in this embodiment is 200 ms,indicating that the active device triggers the increase of the serialnumber every 200 ms. Through the backup method in this embodiment, theserial number of the active data packet is pre-increased when beingbacked up, and therefore, after the service is switched over from theactive device to the standby device, the active device still regards thedata packet sent by the former standby device as a new data packet andreceives the data packet, which prevents service interruption caused bythe switchover. In this embodiment, a trigger condition is added toreduce the probability of errors and service interruption and improvethe continuity of service processing in the process of two-node clusterhot backup.

FIG. 5 is schematic diagram of another backup method according to anembodiment of the present invention. The method in this embodimentincludes the following steps:

Step 501: Obtain a serial number of data packet from an active device.

Step 502: Obtain a serial number of data packet from a standby device bycalculating a sum of the serial number of the data packet from theactive device and a specific increment value.

Step 503: Package the serial number of the data packet from the standbydevice into a packet to be backed-up.

Step 505: package the packet information that carries the configurationcommand into the packet to be backed-up after receiving theconfiguration command; and/or step 506: package the packet informationthat carries the tunnel information or the tunnel deletion notificationinto the packet when adding or deleting a tunnel; and/or step 507:package the packet information that carries a DPD serial number into thepacket when updating the DPD serial number; and/or step 508: package thepacket information that carries the packet ID into the packet whenupdating the packet ID.

Step 504: Send the packet to be backed-up.

The entity for performing steps of this embodiment may be an activedevice engaged in an information backup process, and may be a router.This embodiment differs from the embodiment shown in FIG. 3 in that theactive device pre-increases the serial number of the active data packet.

Upon receiving the configuration information delivered by an upper-layerdevice or the user, the active device needs to send the configurationinformation as backup to the standby device. If the standby device lackssuch configuration information, the former standby device is unable torestore the state of the former active device after the service isswitched from the active device to the standby device, which leads toservice interruption. In this embodiment, the process of backing up theconfiguration information is: The active device sends to the standbydevice the configuration command that is generated and ready for beingbacked up; and the standby device receives the packet to be backed-upthat carries the configuration information, analyzes the packet,generates the same configuration command, and configures itself.

Once the active device creates a new tunnel, the active device needs tosend the tunnel information as backup to the standby device. If thestandby device lacks such tunnel information, the former standby deviceis unable to restore the new tunnel after the service is switched fromthe active device to the standby device, which leads to serviceinterruption. In this embodiment, the process of backing up the tunnelinformation is: The active device sends the tunnel information to thestandby device; and the standby device receives the packet to bebacked-up that carries the tunnel information, analyzes the packet, andreconstructs the new tunnel.

Once the active device deletes a tunnel, the active device needs to senda tunnel deletion notification as backup to the standby device. If thestandby device lacks such tunnel deletion notification, the formerstandby device still keeps the deleted tunnel after the service isswitched from the active device to the standby device. In thisembodiment, the process of backing up the tunnel information is: Theactive device sends the tunnel deletion notification to the standbydevice; and the standby device receives the packet to be backed-up thatcarries the tunnel deletion notification, analyzes the packet, anddeletes the corresponding tunnel.

Once the active device updates a DPD serial number, the active deviceneeds to send the DPD serial number as backup to the standby device. Inthis embodiment, the process of backing up the DPD serial number is: Theactive device sends the DPD serial number to the standby device; and thestandby device receives the backup packet that carries the DPD serialnumber, analyzes the backup packet, finds the corresponding tunnelaccording to the tunnel ID in the packet, and modifies the DPD serialnumber.

Once the active device updates a packet ID serial number, the activedevice needs to send the packet ID serial number as backup to thestandby device. In this embodiment, the process of backing up the packetID serial number is: The active device sends the packet ID serial numberto the standby device; and the standby device receives the packet to bebacked-up that carries the packet ID serial number, analyzes the packet,finds the corresponding tunnel according to the tunnel ID in the packet,and modifies the packet ID serial number.

Through the backup method in this embodiment, the serial number of theactive data packet is pre-increased when being backed up, and therefore,after the service is switched over from the active device to the standbydevice, the active device still regards the data packet sent by theformer standby device as a new data packet and receives the data packet,which prevents service interruption caused by the switchover. Besides,more data is backed up, and therefore, the complete data is backed upupon occurrence of an exceptional event, and the continuity of serviceprocessing is improved in the process of two-node cluster hot backup.

FIG. 6 is schematic diagram of a backup device according to anembodiment of the present invention. The method in this embodimentincludes the following module:

a first receiving module 601, configured to receive a packet to bebacked-up; a first analyzing module 602, configured to obtain a serialnumber of data packet from an active device by analyzing the packet,wherein the serial number is carried in the packet; a first summingmodule 603, configured to obtain a serial number of a data packet from astandby device by calculating the serial number of the data packet fromthe active device and a specific increment value; and a first backupmodule 604, configured to determine that an increment of the serialnumber of the data packet from the active device exceeds a firstincrement threshold and back up the serial number of the data packetfrom the standby device upon the determination.

The backup device described in this embodiment may be a router, and isdesigned to implement the method shown in FIG. 1. The backup device inthis embodiment may further include:

a first processing module 605, configured to: obtain a configurationcommand carried in the packet to be backed-up by analyzing the packet tobe backed-up, and perform configuration according to the configurationcommand; and/or obtain tunnel information carried in the packet to bebacked-up by analyzing the packet to be backed-up, and reconstruct atunnel corresponding to the tunnel information according to the tunnelinformation; and/or obtain a tunnel deletion notification carried in thepacket to be backed-up by analyzing the packet to be backed-up, anddelete a tunnel corresponding to the tunnel deletion notificationaccording to the tunnel deletion notification; and/or obtain a DeadPoint Detection (DPD) serial number carried in the packet to bebacked-up by analyzing the packet to be backed-up, and back up the DPDserial number; and/or obtain a packet identifier (ID) carried in thepacket to be backed-up by analyzing the packet to be backed-up, and backup the packet ID.

The backup device described in this embodiment may be a router, and isdesigned to implement the methods shown in FIG. 2 and FIG. 3.

Through the backup device in this embodiment, the first summing modulepre-increases the serial number of the data packet from the activedevice when backing up the serial number, and therefore, after theservice is switched over from the active device to the standby device,the active device still regards the data packet sent by the formerstandby device as a new data packet and receives the data packet, whichprevents service interruption caused by the switchover. Besides, thefirst processing module in this embodiment adds more backup data, andtherefore, the complete data is backed up upon occurrence of anexceptional event, and the continuity of service processing is improvedin the process of two-node cluster hot backup.

FIG. 7 is schematic diagram of another backup device according to anembodiment of the present invention. The backup device in thisembodiment includes the following modules:

a first obtaining module 701, configured to obtain a serial number ofdata packet from an active device; a second summing module 702,configured to obtain a serial number of data packet from a standbydevice by calculating a sum of the serial number of the data packet fromthe active device and a specific increment value; and a first packagingmodule 703, configured to package the serial number of the data packetfrom the standby device into a packet to be backed-up; and a firstsending module 704, configure to send the packet to be backed-up.

The backup device described in this embodiment may be a router, and mayfurther include the following modules:

a second processing module 705, configured to determine that theincrement of the serial number of the active data packet subsequent tothe last backup exceeds a first increment threshold; or determine thatthe time subsequent to the last backup exceeds a first time threshold.

The backup device described in this embodiment may be a router, and isdesigned to implement the method shown in FIG. 4.

The backup device described in this embodiment may further include thefollowing modules:

a second packaging module 706, configured to package packet informationthat carries a configuration command into the packet to be backed-upafter receiving the configuration command; and/or package packetinformation that carries tunnel information or a tunnel deletionnotification into the packet to be backed-up when adding or deleting atunnel; and/or package packet information that carries a Dead PointDetection (DPD) serial number into the packet to be backed-up whenupdating the DPD serial number; and/or package packet information thatcarries a packet identifier (ID) into the packet to be backed-up whenupdating the packet ID.

The backup device described in this embodiment may be a router, and isdesigned to implement the method shown in FIG. 5.

Through the backup device in this embodiment, the second summing modulepre-increases the serial number of the active data packet when backingup the serial number, and therefore, after the service is switched overfrom the active device to the standby device, the active device stillregards the data packet sent by the former standby device as a new datapacket and receives the data packet, which prevents service interruptioncaused by the switchover. Besides, the second packaging module in thisembodiment adds more backup data, and therefore, the complete data isbacked up upon occurrence of an exceptional event, and the continuity ofservice processing is improved in the process of two-node cluster hotbackup.

FIG. 8 is schematic diagram of a backup system according to anembodiment of the present invention. The backup system in thisembodiment includes:

at least one backup device shown in FIG. 6 or FIG. 7.

The backup device in this embodiment may be a router, and is designed toimplement the methods shown in FIG. 1 to FIG. 5.

If the backup system in this embodiment includes at least one backupdevice shown in FIG. 6, the backup device is configured to: receive apacket to be backed-up; obtaining a serial number of data packet from anactive device by analyzing the packet, wherein the serial number iscarried in the packet; obtain a serial number of a data packet from astandby device by calculating the serial number of the data packet fromthe active device and a specific increment value; determine that anincrement of the serial number of the data packet from the active deviceexceeds a first increment threshold; and back up the serial number ofthe data packet from the standby device upon the determination. Thebackup device is further configured to: obtain a configuration commandcarried in the packet to be backed-up by analyzing the packet to bebacked-up, and performing configuration according to the configurationcommand; and/or obtain tunnel information carried in the packet to bebacked-up by analyzing the packet to be backed-up, and reconstructing atunnel corresponding to the tunnel information according to the tunnelinformation; and/or obtain a tunnel deletion notification carried in thepacket to be backed-up by analyzing the packet to be backed-up, anddeleting a tunnel corresponding to the tunnel deletion notificationaccording to the tunnel deletion notification; and/or obtain a DeadPoint Detection (DPD) serial number carried in the packet to bebacked-up by analyzing the packet to be backed-up, and backing up theDPD serial number; and/or obtain a packet identifier (ID) carried in thepacket to be backed-up by analyzing the packet to be backed-up, andbacking up the packet ID.

If the backup system in this embodiment includes at least one backupdevice shown in FIG. 7, the active device is configured to: obtain aserial number of data packet from an active device; obtain a serialnumber of data packet from a standby device by calculating a sum of theserial number of the data packet from the active device and a specificincrement value; package the serial number of the data packet from thestandby device into a packet to be backed-up; and send the packet to bebacked-up. The active device is further configured to: determine that anincrement of the serial number of the data packet from the active deviceafter the previous backup operation exceeds a first increment threshold;and/or determine that a period time after the previous backup operationexceeds a first time threshold. The active device is further configuredto: package packet information that carries a configuration command intothe packet to be backed-up after receiving the configuration command;and/or package packet information that carries tunnel information or atunnel deletion notification into the packet to be backed-up when addingor deleting a tunnel; and/or package packet information that carries aDead Point Detection (DPD) serial number into the packet to be backed-upwhen updating the DPD serial number; and/or package packet informationthat carries a packet identifier (ID) into the packet to be backed-upwhen updating the packet ID.

Through the backup system in this embodiment, the serial number of thedata packet from the active device is pre-increased when the backupdevice backs up the serial number of the data packet, and therefore,after the service is switched over from the active device to the standbydevice, the active device still regards the data packet sent by theformer standby device as a new data packet and receives the data packet,which prevents service interruption caused by the switchover andimproves continuity of service processing in the process of two-nodecluster hot backup.

Finally, it should be noted that the above embodiments are merelyprovided for describing the technical solutions of the presentinvention, but not intended to limit the present invention. It isapparent that persons skilled in the art can make various modificationsand variations to the invention without departing from the spirit andscope of the invention. The present invention is intended to cover themodifications and variations provided that they fall in the scope ofprotection defined by the following claims or their equivalents.

1. A backup method, comprising: receiving a packet to be backed-up; obtaining a serial number of a data packet from an active device by analyzing the packet, wherein the serial number is carried in the packet; obtaining a serial number of a data packet from a standby device by calculating the serial number of the data packet from the active device and a specific increment value; determining that an increment of the serial number of the data packet from the active device exceeds a first increment threshold; and backing up the serial number of the data packet from the standby device upon the determination.
 2. The method according to claim 1, further comprising at least one of the set of steps consisting of: obtaining a configuration command carried in the packet to be backed-up by analyzing the packet to be backed-up, and performing configuration according to the configuration command; obtaining tunnel information carried in the packet to be backed-up by analyzing the packet to be backed-up, and reconstructing a tunnel corresponding to the tunnel information according to the tunnel information; obtaining a tunnel deletion notification carried in the packet to be backed-up by analyzing the packet to be backed-up, and deleting a tunnel corresponding to the tunnel deletion notification according to the tunnel deletion notification; obtaining a Dead Point Detection (DPD) serial number carried in the packet to be backed-up by analyzing the packet to be backed-up, and backing up the DPD serial number; and obtaining a packet identifier (ID) carried in the packet to be backed-up by analyzing the packet to be backed-up, and backing up the packet ID.
 3. The method according to claim 1, further comprising: obtaining the tunnel information carried in the packet to be backed-up by analyzing the packet to be backed-up; and reconstructing the tunnel corresponding to the tunnel information according to the tunnel information, wherein the tunnel information comprises tunnel serial number information or tunnel traffic information.
 4. The method according to claim 3, further comprising: when the tunnel information is the tunnel serial number information, the serial number of the data packet from the standby device reaches a target value if the following conditions are fulfilled: the serial number of the data packet from the standby device is K multiplied by the first increment threshold of the serial number of the data packet from the active device, wherein K is an integer that fulfills 2≦K≦4.
 5. The method according to claim 3, further comprising: when the tunnel information is the tunnel traffic information, the tunnel traffic information of the standby device is modified according to the tunnel traffic information of the active device so that the tunnel traffic information of the active device is equal to the tunnel traffic information of the standby device.
 6. A backup method, comprising: obtaining a serial number of a data packet from an active device; obtaining a serial number of a data packet from a standby device by calculating a sum of the serial number of the data packet from the active device and a specific increment value; packaging the serial number of the data packet from the standby device into a packet to be backed-up; and sending the packet to be backed-up.
 7. The method according to claim 6, wherein before the step of obtaining the serial number of the data packet from an active device, the method further comprises at least one of the set of steps consisting of: determining that an increment of the serial number of the data packet from the active device after the previous backup operation exceeds a first increment threshold; and determining that a period time after the previous backup operation exceeds a first time threshold.
 8. The method according to claim 6, further comprising at least one of the set of steps consisting of: packaging packet information that carries a configuration command into the packet to be backed-up after receiving the configuration command; packaging packet information that carries tunnel information or a tunnel deletion notification into the packet to be backed-up when adding or deleting a tunnel; packaging packet information that carries a Dead Point Detection (DPD) serial number into the packet to be backed-up when updating the DPD serial number; and packaging packet information that carries a packet identifier (ID) into the packet to be backed-up when updating the packet ID.
 9. A backup device, comprising: a first receiving module, configured to receive a packet to be backed-up; a first analyzing module, configured to obtain a serial number of a data packet from an active device by analyzing the packet, wherein the serial number is carried in the packet; a first summing module, configured to obtain a serial number of a data packet from a standby device by calculating the serial number of the data packet from the active device and a specific increment value; and a first backup module, configured to determine that an increment of the serial number of the data packet from the active device exceeds a first increment threshold and back up the serial number of the data packet from the standby device upon the determination.
 10. The device according to claim 9, further comprising: a first processing module, configured to implement at least one of the set of steps consisting of: obtaining a configuration command carried in the packet to be backed-up by analyzing the packet to be backed-up, and perform configuration according to the configuration command; obtaining tunnel information carried in the packet to be backed-up by analyzing the packet to be backed-up, and reconstruct a tunnel corresponding to the tunnel information according to the tunnel information; obtaining a tunnel deletion notification carried in the packet to be backed-up by analyzing the packet to be backed-up, and delete a tunnel corresponding to the tunnel deletion notification according to the tunnel deletion notification; and obtaining a Dead Point Detection (DPD) serial number carried in the packet to be backed-up by analyzing the packet to be backed-up, and back up the DPD serial number; and/or obtain a packet identifier (ID) carried in the packet to be backed-up by analyzing the packet to be backed-up, and back up the packet ID.
 11. The device according to claim 9, further comprising: a first processing module, configured to obtain the tunnel information carried in the packet to be backed-up by analyzing the packet to be backed-up; and reconstruct the tunnel corresponding to the tunnel information according to the tunnel information, wherein the tunnel information comprises tunnel serial number information or tunnel traffic information.
 12. A backup device, comprising: a first obtaining module, configured to obtain a serial number of a data packet from an active device; a second summing module, configured to obtain a serial number of a data packet from a standby device by calculating a sum of the serial number of the data packet from the active device and a specific increment value; a first packaging module, configured to package the serial number of the data packet from the standby device into a packet to be backed-up; and a first sending module, configured to send the packet to be backed-up.
 13. The device according to claim 12, further comprising: a second processing module, configured to implement at least one of the set of steps consisting of: determining that an increment of the serial number of the data packet from the active device after the previous backup operation exceeds a first increment threshold; and determining that a period time after the previous backup operation exceeds a first time threshold.
 14. The device according to claim 12, further comprising: a second packaging module, configured to implement at least one of the set of steps consisting of: packaging packet information that carries a configuration command into the packet to be backed-up after receiving the configuration command; packaging packet information that carries tunnel information or a tunnel deletion notification into the packet to be backed-up when adding or deleting a tunnel; packaging packet information that carries a Dead Point Detection (DPD) serial number into the packet to be backed-up when updating the DPD serial number; and packaging packet information that carries a packet identifier (ID) into the packet to be backed-up when updating the packet ID.
 15. A backup system, comprising: a backup device, wherein the backup device further comprising: a first receiving module, configured to receive a packet to be backed-up; a first analyzing module, configured to obtain a serial number of a data packet from an active device by analyzing the packet, wherein the serial number is carried in the packet; a first summing module, configured to obtain a serial number of a data packet from a standby device by calculating the serial number of the data packet from the active device and a specific increment value; and a first backup module, configured to determine that an increment of the serial number of the data packet from the active device exceeds a first increment threshold and back up the serial number of the data packet from the standby device upon the determination; and the other backup device, wherein the other backup device further comprising: a first obtaining module, configured to obtain the serial number of the data packet from the active device; a second summing module, configured to obtain the serial number of the data packet from the standby device by calculating a sum of the serial number of the data packet from the active device and the specific increment value; a first packaging module, configured to package the serial number of the data packet from the standby device into a packet to be backed-up; and a first sending module, configure to send the packet to be backed-up. 